Package com.ibm.cloud.ibm_key_protect_api.v2.model

Class InstancePolicyPropertiesAttributes

  • All Implemented Interfaces:
    com.ibm.cloud.sdk.core.service.model.ObjectModel
    public class InstancePolicyPropertiesAttributes
extends com.ibm.cloud.sdk.core.service.model.GenericModel
    Attributes associated with any instance policy type.

    • Method Detail

      • getAllowedNetwork

        public String getAllowedNetwork()
        Gets the allowedNetwork. If set to `public-and-private`, Key Protect allows the instance to be accessible through public and private endpoints. If set to `private-only`, Key Protect restricts the instance to only be accessible through a private endpoint.
        Returns:
        the allowedNetwork

      • getAllowedIp

        public List<String> getAllowedIp()
        Gets the allowedIp. A string array of IPv4 or IPv6 CIDR notated subnets that are authorized to interact with the instance. If both `allowedNetwork` and `allowedIP` policies are set, only traffic aligning with both the `allowed_network` allowed network policy attribute and the `allowed_ip` allowed IP policy attribute will be allowed. IPv4 and iIP6 addresses are accepted for public endpoints. Only the IPv4 private network gateway addresses from the array will be authorized to access your instance via private endpoint. **Important:** Once set, accessing your instance may require additional steps. For more information, see [Accessing an instance via public endpoint](/docs/key-protect?topic=key-protect-manage-allowed-ip#access-allowed-ip-public-endpoint) and [Accessing an instance via private endpoint](/docs/key-protect?topic=key-protect-manage-allowed-ip#access-allowed-ip-private-endpoint) for more details. **Note:** An allowed IP policy does not affect requests from other IBM Cloud services.
        Returns:
        the allowedIp

      • isCreateRootKey

        public Boolean isCreateRootKey()
        Gets the createRootKey. If set to `false`, the service prevents you or any authorized users from using Key Protect to create root keys in the specified service instance. If set to `true`, Key Protect allows you or any authorized users to create root keys in the instance. **Note:** If omitted, `POST /instance/policies` will set this attribute to the default value (`true`).
        Returns:
        the createRootKey

      • isCreateStandardKey

        public Boolean isCreateStandardKey()
        Gets the createStandardKey. If set to `false`, the service prevents you or any authorized users from using Key Protect to create standard keys in the specified service instance. If set to `true`, Key Protect allows you or any authorized users to create standard keys in the instance. **Note:** If omitted, `POST /instance/policies` will set this attribute to the default value (`true`).
        Returns:
        the createStandardKey

      • isImportRootKey

        public Boolean isImportRootKey()
        Gets the importRootKey. If set to `false`, the service prevents you or any authorized users from importing root keys into the specified service instance. If set to `true`, Key Protect allows you or any authorized users to import root keys into the instance. **Note:** If omitted, `POST /instance/policies` will set this attribute to the default value (`true`).
        Returns:
        the importRootKey

      • isImportStandardKey

        public Boolean isImportStandardKey()
        Gets the importStandardKey. If set to `false`, the service prevents you or any authorized users from importing standard keys into the specified service instance. If set to `true`, Key Protect allows you or any authorized users to import standard keys into the instance. **Note:** If omitted, `POST /instance/policies` will set this attribute to the default value (`true`).
        Returns:
        the importStandardKey

      • isEnforceToken

        public Boolean isEnforceToken()
        Gets the enforceToken. If set to `true`, the service prevents you or any authorized users from importing key material into the specified service instance without using an import token. If set to `false`, Key Protect allows you or any authorized users to import key material into the instance without the use of an import token. **Note:** If omitted, `POST /instance/policies` will set this attribute to the default value (`false`).
        Returns:
        the enforceToken

      • getIntervalMonth

        public Long getIntervalMonth()
        Gets the intervalMonth. Specifies the key rotation time interval in approximate months, where a month is equivalent to 30 days. A minimum of 1 and a maximum of 12 can be set.
        Returns:
        the intervalMonth